home

Lyoness Cashback AG

Publisher Information

Lyoness Cashback AG is a software developer located in Graz, Styria in Austria*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.
Authority:
GlobalSign nv-sa

Valid from:
10/21/2013 6:07:04 PM

Valid to:
10/21/2016 6:07:04 PM

Subject:
E=domainadmin@lyoness.ag, CN=Lyoness Cashback AG, O=Lyoness Cashback AG, L=Graz, S=Styria, C=AT

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121966e6f40865e27da6418f77da28077d3

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.LyonessCashbackAG.Installer (M), PUP.LyonessCashbackAG (M), PUP.Besttoolbars.LyonessCashbackAG (M), Win32.Generic.LyonessCashbackAG.Meta, PUP.LyonessC (M), PUP.Besttoolbars.LyonessC (M), PUP.LyonessC.Installer (M), PUP (M), PUP.Besttoolbars (M)
100.00%

VIPRE Antivirus
Threat.4796038, Besttoolbars
14.00%

ESET NOD32
Win32/Toolbar.Besttoolbars (variant), Win64/Toolbar.Besttoolbars (variant), Win32/Toolbar.Besttoolbars.G potentially unwanted (variant)
8.00%

McAfee
Artemis!73977B6EFAC7, Artemis!72C4F907CE05, Artemis!552117B7738D
6.00%

Agnitum Outpost
PUA.Toolbar.Agent, PUA.Toolbar.Besttoolbars
6.00%

Dr.Web
Adware.BGuard.117, Adware.Plugin.349
6.00%

Fortinet FortiGate
Riskware/Agent, Riskware/Besttoolbars, Adware/Besttoolbars
6.00%

Trend Micro House Call
Suspicious_GEN.F47V0708, Suspicious_GEN.F47V1107
6.00%

NANO AntiVirus
Riskware.Win32.Agent.dsygtj, Trojan.Win32.Brantall.dbetup
4.00%

Baidu Antivirus
PUA.Win32.Besttoolbars, PUA.Win64.Besttoolbars
4.00%

1 / 68      (Malware)
mini_installer.exe (Lyoness Browser Installer by Lyoness Cashback AG)  (ad698fd5b5424b04eb819e0274630ad2)

1 / 68      (Malware)
mini_installer.exe (Lyoness Browser Installer by Lyoness Cashback AG)  (48e8cf5b04358a6ebc14fbd8326893a7)

1 / 68      (Malware)
lyonessbrowserupdate.exe  (2ab9ff71532df5c64682598b3194f0c2)

1 / 68      (Malware)
lyoness.exe  (0e693ea1d4e6054bddd3f1709159b4ba)

1 / 68      (Malware)
lyoness.exe  (5b71d79e959e4cf90af1d34361da26d5)

1 / 68      (Malware)
lyoness.exe  (f6ebe744c905835af53a32af9b3ac5f5)

1 / 68      (Malware)
lyoness.exe  (60f8a086d3a59235d6701582a6aeb553)

1 / 68      (Malware)
lyoness.exe  (f9b30bd342ec64578a447e7cebf93932)

1 / 68      (Adware)
backgroundhost64.exe (Add-ons Framework)  (d1f52c38ea87d1741045c28cb2515fb6)

1 / 68      (Adware)
BackgroundHost.exe (Add-ons Framework)  (66371d19911c34ebeb51b1da85dfe2f8)

1 / 68      (Malware)
update.service.exe  (4ed73993744302ff198d040b4a746958)

1 / 68      (Malware)
update.service.exe  (55dcee7aa66fb8b88e6ee71f6ba8de71)

1 / 68      (PUP)
update.service.exe  (40c41ab65f988c00136d36edcb997010)

1 / 68      (PUP)
scripthost64.dll (Add-ons Framework by Lyoness Cashback AG)  (91c73099d02352a45641d6a5fd12f154)

1 / 68      (Adware)
ScriptHost.dll (Add-ons Framework by Lyoness Cashback AG)  (90c88700580897c3a87bf3a3ba5109fe)

1 / 68      (PUP)
lyoness.exe  (ee1d5673c70c4cf57f71fcee23bfe9ae)

1 / 68      (PUP)
wow_helper.exe  (e26915b3a8b41c45e24eddfa958a7d69)

1 / 68      (PUP)
scripthost64.dll (Add-ons Framework by Lyoness Cashback AG)  (b28237a58fc26ad51ff81a8a6ae8c7f7)

1 / 68      (Adware)
ScriptHost.dll (Add-ons Framework by Lyoness Cashback AG)  (23f58dd1a3ba11360f39aed06615f639)

1 / 68      (PUP)
lyoness.exe  (3f65c557ac0aa93e690616d60e120d73)

1 / 68      (PUP)
lyoness.exe  (741780e18c8028e0abec090c633e37b2)

1 / 68      (PUP)
scripthost64.dll (Add-ons Framework by Lyoness Cashback AG)  (dcf3a074afb938f3969cf08a9459cfe8)

1 / 68      (Adware)
backgroundhost64.exe (Add-ons Framework)  (2e78fa98057f2e10607dc503a0e7860e)

1 / 68      (Adware)
addonsframework.typelib64.dll (Add-ons Framework by Besttoolbars)  (eb3ced66834ace50989f5cbbf42c0492)

1 / 68      (Adware)
addonsframework.typelib.dll (Add-ons Framework by Besttoolbars)  (57924cb0dbafc4a4aac9cbb49dbb0e6d)

1 / 68      (PUP)
scripthost64.dll (Add-ons Framework by Lyoness Cashback AG)  (356c0d8f1052d603580f6200acfaa351)

1 / 68      (PUP)
lyoness.exe  (bf2a6878d9b9335e24277820d5d5d3c1)

1 / 68      (Adware)
buttonsite64.dll (Add-ons Framework)  (96df7dcdf7584025a883b310db9f8d30)

1 / 68      (PUP)
LyonessBrowserUpdater.exe (Lyoness Browser by Lyoness Cashback AG)  (28b02706a3b9e302eb482ad95994b07f)

1 / 68      (PUP)
scripthost64.dll (Add-ons Framework by Lyoness Cashback AG)  (67166190a9c0cc703810bcec29a45059)

 
Latest 30 of 99 files

Downloads URLs for files signed by Lyoness Cashback AG.

1 / 68      (PUP)
https://www.lyoness.net/internal/Public/sharedfiles/toolbar/.../lyoness.exe  (ee1d5673c70c4cf57f71fcee23bfe9ae)

The following websites host and distribute files published by Lyoness Cashback AG.

www.lyoness.net

* Note, the details and description above are based on the code signing digital signature issued to Lyoness Cashback AG by GlobalSign nv-sa on October 21, 2013 with the serial number '1121966e6f40865e27da6418f77da28077d3'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.